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On the other hand, regarding rejection of claims 17-23, 25-39, and 41-47, clarification has been made to indicate which claims were 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial proceedings 
which will directly affect or be directly affected by or have a bearing on the Board's decision in 
the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 
No amendment after final has been filed. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
substantially correct. The changes are as follows: 

Claims 1, 2, 5, 6, and 9-16 stand finally rejected under 35 U.S.C. 102(a) as being 
anticipated by Adams (U.S. Patent 671 8,470). 

Claims 3 and 7 stand finally rejected under U.S.C. 103(a) as being unpatentable over 

Adams. 

Claims 4 stand finally rejected under 35 U.S.C. 103(a) as being unpatentable over Adams 
in view of Czerwinski et al. "An Architecture for a Secure Service Discovery Service" 
(hereinafter Czerwinski). 
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Claims 17, 18, 21, 22, 25-34, 37, 38, and 41-47 stand finally rejected under 35 U.S.C. 
102 (a) as being anticipated by Adams. 

Claims 19,20, 23, 35, 36, and 39 stand finally rejected under 35 U.S.C. 103(a) being 
unpatentable over Adams in view of Czerwinski. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

6,718,470 ADAMS 4-2004 

Czerwinski, et al. "An Architecture for a Secure Service Discovery Service," Mobicom 99, 
Proceedings of the 5th Annual ACM/IEEE International Conference on Mobile Computing and 
Networking, August 15th, 1999. XP000896069, pp 24-35. 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

the invention was known or used by others in this country, or patented or described in a printed publication in this or a 
foreign country, before the invention thereof by the applicant for a patent. 

Claims 1, 2, 5, 6, 9-18, 21, 22, 25-34, 37, 38, and 41-47 are rejected under 35 U.S.C, 102(a) 
as being clearly anticipated by Adams U.S. Pat. No. 6718470 (hereinafter Adams). 



Application/Control Number: 09/653,215 Page 4 

Art Unit: 2131 

As per claim 1, Adams discloses a method for accessing a service in a distributed computing 
environment, comprising: a client locating a first service within the distributed computing 
environment, wherein the first service provides a plurality of capabilities to clients executing in 
the distributed computing environment (Adams: column 5 lines 9-18: the subscriber may use 
another application controlled by the relying party; column 6 lines 31-67); the client requesting a 
capability credential to allow the client access to a portion of the first service's capabilities 
(Adams: column 5 lines 19-32; column 6 lines 49-52), wherein said requesting a capability 
credential comprises the client indicating a set of desired capabilities (Adams: column 6 lines 49- 
57 and column 5 lines 9-17: access different service of a relying party); the client receiving said 
capability credential, wherein said capability credential indicates that the client has the right to 
use only said portion of the first service's capabilities, wherein said portion of the first service's 
capabilities is less than a total of the plurality of capabilities provided by the first service 
(Adams: column 5 lines 14-32: the subscriber communicate a request for another application 
controlled by the relying party... the certificate selector match subscriber's attribute certificate 
with the privilege test criteria data; column 6 line 65 - column 7 line 9); and the client using said 
capability credential to access one or more of said portion of the first service's capabilities 
(Adams: column 7 lines 3-9). 

As per claim 2, Adams discloses the method of claim 1 . Adams further discloses wherein said 
requesting a capability credential comprises the client sending a capability credential request 
message, wherein said capability credential request message comprises an identification of said 
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first service and an indication of the set of desired capabilities (Adams: column 6 lines 49-61 and 
column 5 lines 14-18). 

As per claim 5, Adams discloses the method of claim 2. Adams further discloses the client 
receiving an advertisement for the first service, wherein said advertisement describes the portion 
of the first service's capabilities; and wherein said indication of the set of desired capabilities 
comprises an indication of said advertisement (Adams: column 5 lines 14-18 and column 6 lines 
31-67: the subscriber wants to access the relying party's service, but has to request credential 
from the centralized privilege data selector by submitting the subscriber's identity and the 
relying party's identifier; Although there is no specific mention of the advertisement, 
advertisement serves as a way of letting the user be aware of the service available). 

As per claim 6, Adams discloses the method of claim 5. Adams further discloses wherein said 
indication of said advertisement is said advertisement itself (Adams: column 5 lines 14-18). 

As per claim 9, Adams discloses the method of claim 5. Adams further discloses wherein said 
advertisement is a protected advertisement that describes the first service's capabilities but does 
not provide an interface to the first service's capabilities (Adams: column 5 lines 14-18: the 
website describes the service, and the service can be provided upon authentication). 

As per claim 10, Adams discloses the method of claim 1 . Adams further discloses the client 
receiving a protected advertisement for the first service, wherein said protected advertisement 
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indicates an address for sending said capability credential request message to (Adams: column 6 
lines 31-49; column 5 lines 14-18); and wherein said requesting a capability credential comprises 
the client sending a capability credential request message to said address indicated in said 
protected advertisement (Adams: column 6 lines 49-58). 

As per claim 11, Adams discloses the method of claim 10. Adams further discloses wherein said 
address indicated in said protected advertisement is for an authentication service, wherein said 
sending a capability credential request message comprises sending said capability credential 
request message to said authentication service, the method further comprising the authentication 
service sending a credential request response message to the client in response to said capability 
credential request message (Adams: column 6 lines 49-67). 

As per claim 12, Adams discloses the method of claim 1 L Adams further discloses wherein said 
credential request response message includes said capability credential, wherein said receiving 
said capability credential comprises receiving said capability credential from said authentication 
service in said credential request response message (Adams: column 6 lines 49-67). 

As per claim 13, Adams discloses the method of claim 1. Adams further discloses the client 
receiving a protected advertisement for the first service, wherein said protected advertisement 
indicates an authentication service (Adams: column 5 lines 14-18: the website describes the 
service, and the service can be provided upon authentication); and wherein said requesting a 
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capability credential comprises the client requesting a capability credential from said 
authentication service (Adams: column 6 lines 49-67). 

As per claim 14, Adams discloses the method of claim 13. Adams further discloses said 
authentication service determining a level of the first service's capabilities that the client is 
authorized to use (Adams: column 6 lines 49-67); said authentication service generating said 
capability credential according to said level and said set of desired capabilities (Adams: column 
6 lines 59-67); and said authentication service sending said capability credential to the client, 
wherein said portion of the first service's capabilities that said capability credential indicates that 
the client has a right to use is no more than said set of desired capabilities (Adams: column 6 
lines 58-67). 

As per claim 15, Adams discloses the method of claim 14. Adams further discloses wherein said 
portion of the first service's capabilities that said capability credential indicates that the client has 
a right to use is the lesser of said level of the first service's capabilities that the client is 
authorized to use and said set of desired capabilities (Adams: column 6 lines 49-67). 

As per claim 16, Adams discloses the method of claim 1. Adams further discloses wherein said 
using said capability credential to access one or more of said portion of the service's capabilities 
comprises the client sending a message to the first service to access a first capability, wherein the 
message includes said capability credential (Adams: column 6 line 67 - column 7 line 9), the 
method further comprising the first service authenticating said capability credential received in 
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the message to verify that the client has the right to use said first capability (Adams: column 7 
lines 3-9). 

As per claim 17, 18, 21, 22, 25-34, 37, 38, and 41-47, claims 17, 18, 21, 22, 24-34, 37, 38, and 
4M7 encompass the same scope as claims 1, 2, 5, 6, and 9-16. Therefore, claims 17, 18, 21, 22, 
24-34, 37, 38, and 41-47 are rejected based on the same reason set forth above in rejecting claims 
1,2, 5, 6, and 9-16. 

Claim Rejections -35 USe §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of 
this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art 
to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

Claims 3, 7, 19, 23, 35, and 39 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Adams. 

As per claim 3, Adams discloses the method of claim 2. Adams does not explicitly disclose 
wherein said identification of said first service comprises a Universal Unique Identifier. 
However, Universal Unique Identifier is well known in the art to identify object on the Internet. 
Therefore, it would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to use UUID to identify the first service. 
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As per claim 7, Adams discloses the method of claim 5. Adams does not explicitly disclose said 
indication of advertisement is a uniform resource identifier to said advertisement. However, 
Adams discloses the subscriber communicate a request over a global network link to a Website 
of the relying party (Adams: column 5 lines 14-18). It would have been obvious to one having 
ordinary skill in the art to use URI to indicate the advertisement because URI is standard 
identifier for accessing a website or advertisement. 

As per claim 19, 23, 35, and 39, claims 19, 23, 35, and 39 encompass the same scope as claims 3 fi 
and 7. Therefore, claims 19, 23, 35, and 39 are rejected based on the same reason set forth above 
in rejecting claims 3 and 7. 

Claims 4, 20, and 36 are rejected under 35 U.S.C. 103(a) as being unpatentable over Adams in 
view of Czerwinski et al. "An Architecture for a Secure Service Discovery Service" (hereinafter 
Czerwinski). 

As per claim 4, Adams discloses the method of claim 2. Adams does not explicitly disclose the 
capability credential request is formatted in extensible Markup Language. However, Czerwinski 
discloses using XML to establish communication interface (Czerwinski: 2.3 XML Service 
Description). It would have been obvious to use XML message interface to allow 
communications between the relying parties and subscribers. Therefore, it would have been 
obvious to one having ordinary skill in the art at the time of applicant's invention to combine the 
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teachings of Czerwinski within the system of Adams because XML is well known in the art to 
provide greater flexibility as communication interfaces. 

As per claim 20 and 36, claims 20 and 36 encompass the same scope as claim 4. Therefore, 
claims 20 and 36 are rejected based on the same reason set forth above in rejecting claim 4. 

(10) Response to Argument 
1. Claims 1, 2, 5, 6 and 9-16 stand finally rejected under 35 U.S.C 102 (a) as being 
anticipated by Adams (U.S. Pat. 6,718,470). 

Claims 1, 2, and 16: 

Regarding claim 1, appellant argues Adams fails to disclose a client receiving a 
capability credential that indicates that the client has the right to use only a portion of 
service's capabilities; wherein the portion is less than a total of the capabilities provided by 
the first service. 

Examiner respectfully disagrees. Adams discloses a subscriber receives a pre- 
qualification privilege data to access certain service provided by a relying party (Adams: column 
5 lines 14-17: the subscriber communicate request to access application controlled by relying 
party; column 5 lines 38-41 : attribute certificate of a relying party represent a required 
membership privilege to gain access to a particular software application controlled by the 
relying party; column 6 lines 49-65: centralized privilege data selector determines whether the 
privilege possessed by subscriber is sufficient to access certain service provided by the relying 
party). The pre-qualification privilege data sent to subscriber indicates the limited capabilities 
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that a subscriber is entitled to with respect to all of the services provided by the relying party 
(column 6 lines 58-61 and 65-67). Therefore, the pre-qualification privilege data indicates 
whether the subscriber can access certain portions of a service provided by a relying party. 
Claim 5; 

Regarding claim 5, appellant argues Adams fails to disclose the client receiving an 
advertisement for the first service, wherein the advertisement describes the portion of a 
first service's capabilities . 

Examiner respectfully disagrees. Adams discloses that the subscriber requests access to 
the service through a Website and the subscriber provides the identification of the service and 
subscriber to the authentication service (Adams: column 5 lines 14-17: Website of relying party; 
column 6 lines 49-51 : the identification of relying party and subscriber). The advertisement 
achieved through the use of website is well known in the art. The subscribers are exposed to an 
advertisement when accessing a certain website and decided to request the service described in 
the advertisement. Therefore, in order for the subscriber to request authentication credential, the 
subscriber must be aware of the service provided by the relying party and the capability of that 
service prior to using it. 

On the other hand, appellant argues that Adams fails to disclose a client's indication of 
the set of desired capabilities comprises an indication of the advertisement Examiner 
respectfully disagrees. Adams clearly disclosed that the subscriber indicate identifications of the 
subscriber and the service to a privilege data selector in order to obtain pre-qualification 
privilege data (Adams: column 6 lines 49-51). Without indicating the desired capabilities, the 
centralized privilege data selector will not be able to determine whether the capabilities 
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associated with the subscriber is sufficient to access services provided by relying party. 
Therefore, Adams discloses the limitation of claim 5. 
Claim 6: 

Regarding claim 6, appellant argues Adams fails to disclose where the indication of 
the advertisement is the advertisement itself . 

Examiner respectfully disagrees. Adams discloses that the subscriber is aware of the 
website as an advertisement and tries to access services associated with the website by requesting 
pre-qualification privilege data by indicating to a centralized data selector the identification of 
the website and the subscriber (Adams: column 5 lines 14-17: Website of relying party; column 
6 lines 49-67: the identification of relying party and subscriber). Therefore, by indicating the 
relying party's identification, the indication of the advertisement is achieved since the 
advertisement is the website itself. 

Claim 9: 

Regarding claim 9, appellant argues Adams fails to disclose an advertisement that is 
a protected advertisement that describes the first service's capabilities but does not provide 
an interface to the first service's capabilities . 

Examiner respectfully disagrees. Adams discloses that the service is provided to a 
subscriber after verification has been completed (column 5 lines 55-57: indicating yes/no to 
access request). Furthermore, Adams discloses that a subscriber is allowed to understand what 
services the relying party provides but actual access to the service is granted after verification 
(Adams: column 5 lines 14-18: aware of service and request service; column 5 lines 54-56: 
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verification of subscriber). Therefore, Adams clearly discloses the protected advertisement that 
describes services provided but not the actual service itself. 
Claims 10, 11, and 12; 

Regarding claims 10, 11, and 12, appellant argues Adams fails to disclose a client 
receiving a protected advertisement for the first service, wherein the protected 
advertisement indicates an address for sending capability credential request message to. 

Examiner respectfully disagrees. Adams discloses that the communication is performed 
through Web (Adams: column 5 lines 14-18 and column 6 lines 31-49). Since the 
communication between each entity is through network communication, there must exist an 
identification for each entity in order to initiate communication between entities. Therefore, an 
address for sending request to is required in the system of Adams. 

Claim 13: 

Regarding claim 13, appellant argues Adams fails to disclose a client receiving a 
protected advertisement for the first service. 

Examiner respectfully disagrees. Adams discloses that the service is provided to a 
subscriber after verification has been completed (column 5 lines 55-57: indicating yes/no to 
access request). Furthermore, Adams discloses that a subscriber is allowed to understand what 
services the relying party provides but actual access to the service is granted after verification 
(Adams: column 5 lines 14-18: aware of service and request service and the service is the 
application controlled by the relying party; column 5 lines 54-56: verification of subscriber). 
Therefore, Adams clearly discloses the protected advertisement that describes services provided 
but not the actual service itself. 
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Claim 14: 

Regarding claim 14, appellant argues Adams fails to disclose the authentication 
service determining a level of the first service's capabilities that the client is authorized to 
use and where the portion of the service's capabilities that the capability credential 
indicates that the client has a right to use is no more than the set of desired capabilities . 

Examiner respectfully disagrees. Adams discloses the centralized privilege data selector 
determines whether privilege possessed by the subscriber is sufficient to access the service by 
comparing criteria set by the service with the privilege of subscriber (Adams: column 6 linesSl- 
67). By process of authentication is achieved by comparing attribute certificate of both parties to 
determine if access should be granted. Therefore, the comparison process conducted by the 
centralized data selector achieves the conventional authentication technique. 

Furthermore, Adams discloses that the pre-qualification privilege data sent by the 
centralized data selector to a subscriber contains a set of privileges that the subscriber possesses 
and only the set of privileges included in the pre-qualification privilege data can the subscriber 
use to access service provided by relying party (Adams: column 6 lines 58-67). 
. Claim 15: 

Regarding claim 15, appellant argues Adams fails to disclose wherein the portion of 
the first service's capabilities that the capability credential indicates that the client has a 
right to use is the lesser of the level of the first service's capabilities that the client is 
authorized to use and the set of desired capabilities . 

Examiner respectfully disagrees, Adams discloses the centralized data selector selects 
matching attribute certificates between the subscriber and the relying party based on the criteria 
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set by the relying party (Adams: column 6 lines 51-67). Therefore, the privilege data received by 
.the subscriber is a subset of the total capabilities provided by the relying party because it is 
impossible to obtain capabilities of a relying party for which the relying party does not provide. 

2. Claims 3 and 7 stand finally rejected under 35 U.S.C 103 (a) as being unpatentable 
over Adams. 

Claim 7: 

Regarding claim 7, appellant argues that the examiner fails to provide a motivation 
for modifying the system of Adams to use a URL 

Examiner respectfully disagrees. The use of Web communication has been disclosed in 
the Adams reference to facilitate communication between entities (Adams: column 4 lines 14- 
18). Therefore, the use of URI in Web is taught by the Adams reference as it is required for the 
system to be functional. 

3. Claim 4 stand finally rejected under 35 U.S.C, 103(a) as being unpatentable over 
Adams in view of Czerwinski et al. 

Appellant traverse the rejection of claim 4 for at least the reasons presented 
regarding its independent claim. 

Examiner respectfully traverses the argument of claim 4 based on reason provided in 
prior response toward independent claim. 
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4. Claims 17, 18, 21, 22, 24-34, 37, 38, and 41-47 stand finally rejected under 35 U.S.C. 
102(a) as being anticipated by Adams. 

Please refer to the responses above regarding the 102 rejection of claims 1, 2, 5, 6 and 9- 
16 as.they also apply to claims 17, 18, 21, 22, 24-34, 37, 38, and 41-47. 

5. Claims 19, 20, 23, 35, 36, and 39 stand finally rejected under 35 U.S.C 103(a) as 
being anticipated by Adams. 

Please refer to the responses above regarding the 103 rejection of claims 3, 4, and 7as 
they also apply to claims 19, 20, 23, 35, 36, and 39. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the Related 
Appeals and Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 
Respectfully submitted, 
Shin-Hon Chen 




